TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
856
Signature ID: 34879
Symantec Products SupportSoft SmartIssue ActiveX Control Remote Buffer Overflow
Vulnerability
Threat Level: Severe
Industry ID: CVE-2006-6490 Bugtraq: 22564
Signature Description: SupportSoft Inc. develops a product called Self-Service Suite which aims to help end users
solve technical problems on their own. SupportSoft products 6.x and prior versions are vulnerable, which are included
with multiple Symantec products, are vulnerable to multiple buffer overflows. By persuading a victim to visit a
specially-crafted Web page or open a specially-crafted HTML email containing UTF-16 encoded exploit data,, a
remote attacker could overflow a buffer and cause the victim's browser to crash or possible execute arbitrary code on
the system with privileges of the victim. Users are advised to set kill bit to the clsid corresponding to the progid
SPRT.SmartIssue to resolve this issue.
Signature ID: 34880
Symantec Products SupportSoft SmartIssue ActiveX Control Remote Buffer Overflow
Vulnerability
Threat Level: Severe
Industry ID: CVE-2006-6490 Bugtraq: 22564
Signature Description: SupportSoft Inc. develops a product called Self-Service Suite which aims to help end users
solve technical problems on their own. SupportSoft products 6.x and prior versions are vulnerable, which are included
with multiple Symantec products, are vulnerable to multiple buffer overflows. By persuading a victim to visit a
specially-crafted Web page or open a specially-crafted HTML email containing UTF-16 encoded exploit data, a remote
attacker could overflow a buffer and cause the victim's browser to crash or possible execute arbitrary code on the
system with privileges of the victim. Users are advised to set kill bit to the clsid corresponding to the progid
SPRT.SmartIssue to resolve this issue.
Signature ID: 34881
Symantec Products SupportSoft SmartIssue ActiveX Control Remote Buffer Overflow
Vulnerability
Threat Level: Severe
Industry ID: CVE-2006-6490
Bugtraq: 22564
Signature Description: SupportSoft Inc. develops a product called Self-Service Suite which aims to help end users
solve technical problems on their own. SupportSoft products 6.x and prior versions are vulnerable, which are included
with multiple Symantec products, are vulnerable to multiple buffer overflows. By persuading a victim to visit a
specially-crafted Web page or open a specially-crafted HTML email containing hex encoded shellcode data, a remote
attacker could overflow a buffer and cause the victim's browser to crash or possible execute arbitrary code on the
system with privileges of the victim. Users are advised to set kill bit to the clsid corresponding to the progid
SPRT.SmartIssue to resolve this issue.
Signature ID: 34882
Symantec Products SupportSoft SmartIssue ActiveX Control Remote Buffer Overflow
Vulnerability
Threat Level: Severe
Industry ID: CVE-2006-6490
Bugtraq: 22564
Signature Description: SupportSoft Inc. develops a product called Self-Service Suite which aims to help end users
solve technical problems on their own. SupportSoft products 6.x and prior versions are vulnerable, which are included
with multiple Symantec products, are vulnerable to multiple buffer overflows. By persuading a victim to visit a
specially-crafted Web page or open a specially-crafted HTML email containing %u encoded exploit data, a remote